Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

openSUSE Leap 16.0 Mozilla Thunderbird Key Security Update 2026-20664-1

opensuse
Calendar Grey May 4, 2026
Dist Opensuse Esm H88
An important update for openSUSE's MozillaThunderbird resolves 68 issues and enhances security. Install now!
An update that solves 68 vulnerabilities and has 2 bug fixes can now be installed.

Description

This update for MozillaThunderbird fixes the following issues:

Changes in MozillaThunderbird:

- Mozilla Thunderbird 140.10.0 ESR

* Newly translated strings were not available in Thunderbird

MFSA 2026-34 (bsc#1262230)

* CVE-2026-6746 Use-after-free in the DOM: Core & HTML component

* CVE-2026-6747 Use-after-free in the WebRTC component

* CVE-2026-6748 Uninitialized memory in the Audio/Video: Web Codecs component

* CVE-2026-6749 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component

* CVE-2026-6750 Privilege escalation in the Graphics: WebRender component

* CVE-2026-6751 Uninitialized memory in the Audio/Video: Web Codecs component

* CVE-2026-6752 Incorrect boundary conditions in the WebRTC component

* CVE-2026-6753 Incorrect boundary conditions in the WebRTC component

* CVE-2026-6754 Use-after-free in the JavaScript Engine component

* CVE-2026-6757 Invalid pointer in the JavaScript: WebAssembly component

* CVE-2026-6759...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

MozillaThunderbird-140.10.0-bp160.1.1

MozillaThunderbird-openpgp-librnp-140.10.0-bp160.1.1

MozillaThunderbird-translations-common-140.10.0-bp160.1.1

MozillaThunderbird-translations-other-140.10.0-bp160.1.1

References

* bsc#1260083

* bsc#1262230

References:

* https://www.suse.com/security/cve/CVE-2025-59375.html

* https://www.suse.com/security/cve/CVE-2026-3889.html

* https://www.suse.com/security/cve/CVE-2026-4371.html

* https://www.suse.com/security/cve/CVE-2026-4684.html

* https://www.suse.com/security/cve/CVE-2026-4685.html

* https://www.suse.com/security/cve/CVE-2026-4686.html

* https://www.suse.com/security/cve/CVE-2026-4687.html

* https://www.suse.com/security/cve/CVE-2026-4688.html

* https://www.suse.com/security/cve/CVE-2026-4689.html

* https://www.suse.com/security/cve/CVE-2026-4690.html

* https://www.suse.com/security/cve/CVE-2026-4691.html

* https://www.suse.com/security/cve/CVE-2026-4692.html

* https://www.suse.com/security/cve/CVE-2026-4693.html

* https://www.suse.com/security/cve/CVE-2026-4694.html

* https://www.suse.com/security/cve/CVE-2026-4695.html

* https://www.suse.com/security/cve/CVE-2026-4696.html

* https://www.suse.com/security/cve/CVE-2026-4697.html

*...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20664-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here